1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "all_in_one_func.h"
17
18 #include "securec.h"
19
20 #include "adaptor_algorithm.h"
21
22 static KeyPair *g_keyPair = NULL;
23 static Buffer *g_fwkPubKey = NULL;
24
GenerateResultTlv(Buffer * retTlv,int32_t resultCode,uint64_t scheduleId,uint64_t templateId,Buffer * rootSecret)25 static ResultCode GenerateResultTlv(
26 Buffer *retTlv, int32_t resultCode, uint64_t scheduleId, uint64_t templateId, Buffer *rootSecret)
27 {
28 Attribute *attribute = GetAttributeDataBase(scheduleId, REMOTE_PIN_MSG_NONE);
29 IF_TRUE_LOGE_AND_RETURN_VAL(attribute == NULL, RESULT_GENERAL_ERROR);
30
31 int32_t result = RESULT_GENERAL_ERROR;
32 if (!SetResultDataInfo(attribute, PinResultToFwkResult(resultCode), templateId, rootSecret)) {
33 LOG_ERROR("SetResultDataInfo fail");
34 goto EXIT;
35 }
36
37 uint32_t tlvSize = retTlv->maxSize;
38 result = FormatTlvMsg(attribute, g_keyPair, retTlv->buf, &tlvSize);
39 if (result != RESULT_SUCCESS) {
40 LOG_ERROR("FormatTlvMsg fail");
41 goto EXIT;
42 }
43 retTlv->contentSize = tlvSize;
44
45 EXIT:
46 FreeAttribute(&attribute);
47 return result;
48 }
49
DoEnrollPin(PinEnrollParam * pinEnrollParam,Buffer * retTlv)50 ResultCode DoEnrollPin(PinEnrollParam *pinEnrollParam, Buffer *retTlv)
51 {
52 if (pinEnrollParam == NULL || !IsBufferValid(retTlv)) {
53 LOG_ERROR("get invalid params.");
54 return RESULT_BAD_PARAM;
55 }
56 uint64_t templateId = INVALID_TEMPLATE_ID;
57 Buffer *rootSecret = CreateBufferBySize(ROOT_SECRET_LEN);
58 if (!IsBufferValid(rootSecret)) {
59 LOG_ERROR("no memory.");
60 return RESULT_BAD_PARAM;
61 }
62 ResultCode ret = AddPin(pinEnrollParam, &templateId, rootSecret);
63 if (ret != RESULT_SUCCESS) {
64 LOG_ERROR("AddPin fail.");
65 DestroyBuffer(rootSecret);
66 return ret;
67 }
68
69 ret = GenerateResultTlv(retTlv, RESULT_SUCCESS, pinEnrollParam->scheduleId, templateId, rootSecret);
70 if (ret != RESULT_SUCCESS) {
71 LOG_ERROR("GenerateRetTlv DoEnrollPin fail.");
72 }
73
74 DestroyBuffer(rootSecret);
75 return ret;
76 }
77
DoAllInOneAuth(uint64_t scheduleId,uint64_t templateId,const uint8_t * extraInfo,uint32_t extraInfoSize,AlgoParamOut * algoParam)78 ResultCode DoAllInOneAuth(uint64_t scheduleId, uint64_t templateId,
79 const uint8_t *extraInfo, uint32_t extraInfoSize, AlgoParamOut *algoParam)
80 {
81 LOG_INFO("DoAllInOneAuth start %{public}x", (uint16_t)scheduleId);
82 if ((extraInfo == NULL) || (extraInfoSize == 0) || (extraInfoSize > MAX_EXECUTOR_MSG_LEN) || (algoParam == NULL)) {
83 LOG_ERROR("check param fail!");
84 return RESULT_BAD_PARAM;
85 }
86
87 ResultCode result = GetSubType(templateId, &(algoParam->subType));
88 if (result != RESULT_SUCCESS) {
89 LOG_ERROR("GetSubType fail!");
90 return result;
91 }
92 uint32_t algoParameterSize = CONST_SALT_LEN;
93 result = DoGetAlgoParameter(templateId, algoParam->algoParameter, &algoParameterSize, &(algoParam->algoVersion));
94 if (result != RESULT_SUCCESS) {
95 LOG_ERROR("DoGetAlgoParameter fail!");
96 }
97 return result;
98 }
99
DoAuthPin(PinAuthParam * pinAuthParam,Buffer * retTlv,ResultCode * compareRet)100 ResultCode DoAuthPin(PinAuthParam *pinAuthParam, Buffer *retTlv, ResultCode *compareRet)
101 {
102 if (!IsBufferValid(retTlv) || pinAuthParam == NULL || compareRet == NULL) {
103 LOG_ERROR("check param fail!");
104 return RESULT_BAD_PARAM;
105 }
106 *compareRet = RESULT_COMPARE_FAIL;
107
108 PinCredentialInfos pinCredentialInfo = {};
109 ResultCode ret = DoQueryPinInfo(pinAuthParam->templateId, &pinCredentialInfo);
110 if (ret != RESULT_SUCCESS) {
111 LOG_ERROR("DoQueryPinInfo fail.");
112 return ret;
113 }
114
115 Buffer *rootSecret = CreateBufferBySize(ROOT_SECRET_LEN);
116 if (!IsBufferValid(rootSecret)) {
117 LOG_ERROR("no memory.");
118 return RESULT_BAD_PARAM;
119 }
120 if (pinCredentialInfo.freezeTime == 0) {
121 Buffer pinData = GetTmpBuffer(pinAuthParam->pinData, CONST_PIN_DATA_LEN, CONST_PIN_DATA_LEN);
122 ret = AuthPinById(&pinData, pinAuthParam->templateId, rootSecret, compareRet);
123 if (ret != RESULT_SUCCESS) {
124 LOG_ERROR("AuthPinById fail.");
125 goto EXIT;
126 }
127 } else {
128 LOG_ERROR("Pin is freezing.");
129 *compareRet = RESULT_PIN_FREEZE;
130 }
131
132 ret = GenerateResultTlv(retTlv, *compareRet, pinAuthParam->scheduleId, pinAuthParam->templateId, rootSecret);
133 if (ret != RESULT_SUCCESS) {
134 LOG_ERROR("GenerateRetTlv DoAuthPin fail.");
135 }
136
137 EXIT:
138 DestroyBuffer(rootSecret);
139 return ret;
140 }
141
DoDeleteTemplate(uint64_t templateId)142 ResultCode DoDeleteTemplate(uint64_t templateId)
143 {
144 ResultCode ret = DelPinById(templateId);
145 if (ret != RESULT_SUCCESS) {
146 LOG_ERROR("delete pin fail.");
147 return RESULT_BAD_DEL;
148 }
149 return RESULT_SUCCESS;
150 }
151
152 /* This is for example only, Should be implemented in trusted environment. */
GenerateAllInOneKeyPair(void)153 ResultCode GenerateAllInOneKeyPair(void)
154 {
155 DestroyKeyPair(g_keyPair);
156 g_keyPair = GenerateEd25519KeyPair();
157 if (g_keyPair == NULL) {
158 LOG_ERROR("GenerateEd25519Keypair fail!");
159 return RESULT_GENERAL_ERROR;
160 }
161 LOG_INFO("GenerateKeyPair success");
162 return RESULT_SUCCESS;
163 }
164
DestroyAllInOneKeyPair(void)165 void DestroyAllInOneKeyPair(void)
166 {
167 DestroyKeyPair(g_keyPair);
168 g_keyPair = NULL;
169 LOG_INFO("DestroyKeyPair success");
170 }
171
172 /* This is for example only, Should be implemented in trusted environment. */
DoGetAllInOneExecutorInfo(PinExecutorInfo * pinExecutorInfo)173 ResultCode DoGetAllInOneExecutorInfo(PinExecutorInfo *pinExecutorInfo)
174 {
175 if (pinExecutorInfo == NULL) {
176 LOG_ERROR("check param fail!");
177 return RESULT_BAD_PARAM;
178 }
179 if (!IsEd25519KeyPairValid(g_keyPair)) {
180 LOG_ERROR("key pair not init!");
181 return RESULT_NEED_INIT;
182 }
183 uint32_t pubKeyLen = ED25519_FIX_PUBKEY_BUFFER_SIZE;
184 if (GetBufferData(g_keyPair->pubKey, pinExecutorInfo->pubKey, &pubKeyLen) != RESULT_SUCCESS) {
185 LOG_ERROR("GetBufferData fail!");
186 return RESULT_UNKNOWN;
187 }
188 pinExecutorInfo->esl = PIN_EXECUTOR_SECURITY_LEVEL;
189 pinExecutorInfo->maxTemplateAcl = PIN_CAPABILITY_LEVEL;
190 return RESULT_SUCCESS;
191 }
192
DoSetAllInOneFwkParam(const uint64_t * templateIdList,uint32_t templateIdListLen,const uint8_t * fwkPubKey,uint32_t fwkPubKeySize)193 ResultCode DoSetAllInOneFwkParam(
194 const uint64_t *templateIdList, uint32_t templateIdListLen, const uint8_t *fwkPubKey, uint32_t fwkPubKeySize)
195 {
196 if (((templateIdListLen != 0) && (templateIdList == NULL)) ||
197 (fwkPubKey == NULL) || (fwkPubKeySize != ED25519_FIX_PUBKEY_BUFFER_SIZE)) {
198 LOG_ERROR("templateIdList should be not null, when templateIdListLen is not zero");
199 return RESULT_BAD_PARAM;
200 }
201 DestroyBuffer(g_fwkPubKey);
202 g_fwkPubKey = CreateBufferByData(fwkPubKey, fwkPubKeySize);
203 if (g_fwkPubKey == NULL) {
204 LOG_ERROR("DoSetAllInOneFwkParam create fwkPubKey fail!");
205 return RESULT_NO_MEMORY;
206 }
207 ResultCode ret = VerifyTemplateDataPin(templateIdList, templateIdListLen);
208 if (ret != RESULT_SUCCESS) {
209 LOG_ERROR("Verify TemplateDataPin fail.");
210 return ret;
211 }
212 return RESULT_SUCCESS;
213 }
214
DoWriteAntiBruteInfoToFile(uint64_t templateId)215 ResultCode DoWriteAntiBruteInfoToFile(uint64_t templateId)
216 {
217 ResultCode ret = RefreshAntiBruteInfoToFile(templateId);
218 if (ret != RESULT_SUCCESS) {
219 LOG_ERROR("RefreshAntiBruteInfoToFile fail.");
220 }
221 return ret;
222 }
223